This invention pertains to methods and devices for securely encoding and using biometric information as a form of identification.
With the threat of terrorism an everyday reality, border access control has become more important than ever. Traditional paper passports have many shortcomings when it comes to unauthorized modifications for the purpose of defeating security measures. “Enhancement of border security” and “facilitation of free and no resistance movement” of genuine travelers worldwide have become two contradictory objectives. The international community consisting of homeland security and state departments of various nations is working relentlessly to put a system in place to meet those objectives. One of the attempts in this direction is the issuance, adoption, and standardization of a new type of passport in place of conventional ones, known as an electronic passport or “E-Passport”. The U.S. Department of Homeland Security is putting a tremendous amount of effort into developing an international standard for E-Passports, while the U.S. Department of State is issuing them. This E-Passport for reliable and accurate and possibly automatic authentication and verification is ideally based on biometric information. The initial deployment of e-passport readers, under the supervision of the U.S. Department of Homeland Security, is underway. The U.S. Congress has set a deadline requiring all U.S. ports of entry to implement e-passport readers by Oct. 26, 2006.
Currently, when paper passport and non-biometric based systems are used, the process of verification is often localized and the immigration authority at the port of entry often makes decisions with limited information available. Similarly, the access control in the corporate world or credit/debit/ATM processing centers is susceptible to fraud. The paper passport is susceptible to tampering and the determination that the passport holder is the legitimate owner is cumbersome and error prone.
Typically, the biometric information while digital and electronically stored and transmitted is susceptible to “skimming”, “eavesdropping”, and “chip cloning”. Skimming is the process via which an unauthorized party retrieves the information stored in the host media by scanning its contents and requires physical access to it. On the other hand eavesdropping involves intercepting the information transmitted when the media is scanned at the electronic terminal and requires close physical proximity to it but no actual contact with it. Finally chip cloning refers to the process via which a legitimate media chip is duplicated by unauthorized means for the purpose of creating a forged document or chip. There is a need for development of techniques for protection of biometric information to maintain privacy.
Several attempts have been made to develop the different units of a digital camera with watermarking or encryption capabilities for protecting images and other multimedia data. However, they are not explicitly proposed for biometric information protection. At the same time the few ones available dealing with biometric images or biometric information are inadequate for their protection.
A camera, with the aim of restoring credibility to photographic images using encryption, is described in Friedman 1993. The process described in this work suggests encrypting the picture that is captured by the camera. Thus the protection is just a single layer. The applicability of this camera for biometric binary information is not evident.
In U.S. Pat. No. 4,896,363, a system is presented that can match image characteristics such as fingerprint. Hence, this method uses the sole biometric data, fingerprint, for matching. It does not deal with protection of finger print image, which is the goal of our method invented.
In U.S. Pat. No. 5,067,162, a method is presented for personal identification using fingerprinting images. However, this invention is silent about the protection of the fingerprinting image, which is the essence of our invention.
Patent Application Publication No. US2001/000900370 proposes a camera that captures iris image for security applications. This does not deal with protection of the iris image; this does not provide any protection for the image that is being captured.
Patent Application Publication No. US2002/0080256A1 proposes a camera that can be used for anti-theft or privacy device using an iris image. However, this does not deal with protection of the iris image, and this does not provide any protection for the image that is being captured.
In Mohanty 2003, Mohanty 2004, and Mohanty 2005, a concept of a secure digital camera is introduced that uses a watermarking algorithm for ensuring copyright of the images that is being captured by the camera. This is essentially a single layer protection to the image that is being captured. This is simply not adequate to provide multilayer protection to the biometric information. In the same context the Field Programmable Gate Array (“FPGA”) implementation is performed in Adamo 2006. The above concept is further enhanced in Adamo 2006 and Mohanty 2007, using biometric data as images and proposing to store them in the host image. It can provide a maximum double layer protection (through use of encryption and invisible watermarking), but is very much vulnerable to attackers. First it suggests visibly printing the UPC on the picture, which is clearly not acceptable as this information can be used by hackers. It also suggests printing a host image that stores the biometric information on a passport which is again not acceptable as the stored data in it can be susceptible to attacks. This method uses a single key and hence a lesser level of security. The authors suggest using images of biometric data (contrary to binary biometric information) which can be susceptible to signal processing attacks more easily, thus making the recovery process less reliable. Moreover, this form of image hiding inside an image can degrade the image quality as more data needs to be stored to be useful for authentication.
In Blythe 2005, a biometric authentication system in the context of the camera is presented. This uses iris image to address integrity, origin, and ownership issues of the image that is being captured using watermarking and hash function. However, this does not deal with protection of the iris image that it uses for authentication.
On the other hand our invention deals with protection of the image that is being captured at the same time protection of the biometric information that it acquires. Our invention provides multilayer protection to the biometric information, yet another distinct difference. In summary, our invention differs from process, process sequence, what is being protected, applicability, and device structure.